Gitiles
Code Review Sign In
gerrit.omnirom.org / android_hardware_interfaces / a3bc09e02addb9156644bf89f3b080a6a49bb607^1..a3bc09e02addb9156644bf89f3b080a6a49bb607 / .
commita3bc09e02addb9156644bf89f3b080a6a49bb607[log] [tgz]
authorTreehugger Robot <treehugger-gerrit@google.com>Thu Apr 06 05:58:35 2023 +0000
committerGerrit Code Review <noreply-gerritcodereview@google.com>Thu Apr 06 05:58:35 2023 +0000
tree51722c24da9eaa0ec8b038d595920f0a0da3dbe0
parentd0d17b1c8c344aaf8983252eed64f87f0cb69dd8 [diff]
parent728336ffa332ee09ff69d8f839a58ccb95357073 [diff]
Merge "VTS: Restore 2nd-IMEI tests"
diff --git a/security/keymint/aidl/vts/functional/AttestKeyTest.cpp b/security/keymint/aidl/vts/functional/AttestKeyTest.cpp
index 8ffc179..e759123 100644
--- a/security/keymint/aidl/vts/functional/AttestKeyTest.cpp
+++ b/security/keymint/aidl/vts/functional/AttestKeyTest.cpp

@@ -1019,12 +1019,8 @@
                     .Authorization(TAG_ATTESTATION_ID_MANUFACTURER, "malformed-manufacturer")
                     .Authorization(TAG_ATTESTATION_ID_MODEL, "malicious-model");
 
-    // TODO(b/262255219): Remove this condition when StrongBox supports 2nd IMEI attestation.
-    if (SecLevel() != SecurityLevel::STRONGBOX) {
-        if (isSecondImeiIdAttestationRequired()) {
-            attestation_id_tags.Authorization(TAG_ATTESTATION_ID_SECOND_IMEI,
-                                              "invalid-second-imei");
-        }
+    if (isSecondImeiIdAttestationRequired()) {
+        attestation_id_tags.Authorization(TAG_ATTESTATION_ID_SECOND_IMEI, "invalid-second-imei");
     }
     vector<uint8_t> key_blob;
     vector<KeyCharacteristics> key_characteristics;
@@ -1061,11 +1057,6 @@
         GTEST_SKIP() << "Test not applicable under GSI";
     }
 
-    // TODO(b/262255219): Remove this condition when StrongBox supports 2nd IMEI attestation.
-    if (SecLevel() == SecurityLevel::STRONGBOX) {
-        GTEST_SKIP() << "Test not applicable for SecurityLevel::STRONGBOX";
-    }
-
     // Skip the test if there is no second IMEI exists.
     string second_imei = get_imei(1);
     if (second_imei.empty() || second_imei.compare("null") == 0) {
@@ -1144,11 +1135,6 @@
         GTEST_SKIP() << "Test not applicable under GSI";
     }
 
-    // TODO(b/262255219): Remove this condition when StrongBox supports 2nd IMEI attestation.
-    if (SecLevel() == SecurityLevel::STRONGBOX) {
-        GTEST_SKIP() << "Test not applicable for SecurityLevel::STRONGBOX";
-    }
-
     // Skip the test if there is no first IMEI exists.
     string imei = get_imei(0);
     if (imei.empty() || imei.compare("null") == 0) {

diff --git a/security/keymint/aidl/vts/functional/KeyMintTest.cpp b/security/keymint/aidl/vts/functional/KeyMintTest.cpp
index 63b2e73..e99149b 100644
--- a/security/keymint/aidl/vts/functional/KeyMintTest.cpp
+++ b/security/keymint/aidl/vts/functional/KeyMintTest.cpp

@@ -3118,9 +3118,6 @@
  * presented.
  */
 TEST_P(SigningOperationsTest, NoUserConfirmation) {
-    if (SecLevel() == SecurityLevel::STRONGBOX) {
-        GTEST_SKIP() << "Test not applicable to StrongBox device";
-    }
     ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
                                                  .RsaSigningKey(1024, 65537)
                                                  .Digest(Digest::NONE)
@@ -7825,10 +7822,6 @@
  * in hardware.
  */
 TEST_P(UsageCountLimitTest, TestSingleUseKeyAndRollbackResistance) {
-    if (SecLevel() == SecurityLevel::STRONGBOX) {
-        GTEST_SKIP() << "Test not applicable to StrongBox device";
-    }
-
     auto error = GenerateKey(AuthorizationSetBuilder()
                                      .RsaSigningKey(2048, 65537)
                                      .Digest(Digest::NONE)